wechat-article-getter

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill’s goal is coherent, but it can automatically install browser tooling at runtime, and its URL validation can let a non-WeChat page be loaded in a headless browser launched with --no-sandbox.

Use only with trusted, valid WeChat article links and consider running it in a virtual environment or container. Review and perform dependency installation yourself rather than letting the script auto-install packages during article fetching.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A crafted URL containing the text mp.weixin.qq.com could make the agent browse a non-WeChat site in a less-contained browser context.

Why it was flagged

The code uses a substring check rather than parsing and enforcing the hostname, then loads the supplied URL in Chromium with anti-detection and no-sandbox flags.

Skill content

if "mp.weixin.qq.com" not in url:
    return _err(url, "不是微信公众号链接")  # error text: "not a WeChat Official Account link"
...
page.goto(url, wait_until="networkidle", timeout=timeout_ms)
...
args=["--disable-blink-features=AutomationControlled", "--disable-dev-shm-usage", "--no-sandbox"]
Recommendation

Only use this with clearly valid https://mp.weixin.qq.com article links; the maintainer should validate the parsed hostname exactly and avoid --no-sandbox unless strictly required.
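The hostname check the recommendation asks for, as an added example that is not the skill's own code: it places the quoted substring test beside a parsed, exact-hostname test. The allowed-host set and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only host the skill should ever open.
ALLOWED_HOSTS = {"mp.weixin.qq.com"}


def weak_is_wechat_url(url: str) -> bool:
    """The substring test quoted from the skill: true if the text appears anywhere."""
    return "mp.weixin.qq.com" in url


def strict_is_wechat_url(url: str) -> bool:
    """Parse the URL and require https plus an exact, normalised hostname match."""
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. a malformed IPv6 literal
        return False
    if parts.scheme != "https":
        return False
    # .hostname is lowercased, has userinfo and port stripped, and is None for bare paths
    return parts.hostname in ALLOWED_HOSTS


# Constructed sample inputs: one genuine article URL, then URLs that contain the
# expected text but point at another host, use another scheme, or differ in case.
SAMPLES = [
    "https://mp.weixin.qq.com/s/abc123",            # genuine shape
    "https://mp.weixin.qq.com.example.test/s/abc",  # expected text is only a prefix of the host
    "https://example.test/?ref=mp.weixin.qq.com",   # expected text is in the query string
    "https://user:mp.weixin.qq.com@example.test/",  # expected text is in the userinfo
    "http://mp.weixin.qq.com/s/abc",                # right host, cleartext scheme
    "https://MP.WEIXIN.QQ.COM/s/abc",               # right host, different case
]


def disagreements(urls=SAMPLES):
    """URLs on which the substring check and the hostname check give different answers."""
    return [u for u in urls if weak_is_wechat_url(u) != strict_is_wechat_url(u)]


if __name__ == "__main__":
    print("weak  strict url")
    for u in SAMPLES:
        print(f"{weak_is_wechat_url(u)!s:5} {strict_is_wechat_url(u)!s:6} {u}")
```

Only the first sample is accepted by both checks; the substring test accepts the next four and rejects the upper-case one, while the hostname test does the opposite.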

What this means

Running the skill may change the user’s Python environment and download executable browser components, creating supply-chain and local environment risk.

Why it was flagged

The normal fetch path can automatically install unpinned Python packages and download a Chromium browser if dependencies are missing.

Skill content

subprocess.check_call([sys.executable, "-m", "pip", "install", "playwright", "beautifulsoup4", "-q"])
...
subprocess.check_call([sys.executable, "-m", "playwright", "install", "chromium"])
Recommendation

Install dependencies explicitly in an isolated environment, pin package versions, and avoid automatic runtime installation in the fetch script.